HTML/Infected.WebPage.Gen and Computer Sends Emails by Itself

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Wuf4Wds, Mar 16, 2010.

  1. Wuf4Wds

    Wuf4Wds Private E-2

    Hi!

    About a month ago, my computer decided to send emails by itself (well, without my help). I read and followed the malware removal guide instructions. As far as I could tell, nothing of significance was found. Since "something" was sending email from my hotmail account, I figured "something" had to be there and I posted my logs for your review. You did not find anything either.

    I attributed the problems to a bad AVG update, and when I finally was able to uninstall AVG completely, I began using the free version of Avira AntiVir Personal. The automatic emails stopped.

    Since that time, the Avira AntiVir Guard has popped up several times. Each time, it was an htm file listed in C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\ folder. (The specific folder and file name changed with each notice). With each notice, I clicked deny access. When the guard popped up this week, I checked quarantine in hopes that would get rid of the problem.

    Within a couple of days, my computer started sending emails again. These emails have no subject line and the only thing inside the email is a weblink.

    Today, I ran another complete scan with Avira AntiVir and then ran CCleaner, SuperAntiSpyware, and Malwarebytes. With the exception of a couple of "warnings" detected by Avira, nothing else was found. So, I went back online to see the next step in the removal process when the Avira guard popped back up with the HTML/Infected.WebPage.Gen detection. After reading the summary information at Avira, I wonder if this could be the culprit.

    I have run the programs as indicated. I’m not sure what happened with ComboFix. Shortly after finishing the scans, the screensaver kicked in and then I heard the Windows critical stop sound. When the desktop reappeared, it seemed as though it was “stuck” mid re-boot. I waited about 10-15 minutes but nothing changed. So, I rebooted the computer. Now that I am attaching logs, I see there is no ComboFix log. Should I rerun it?

    So, to make a long story short (a little late for that ;) ), here are my questions:

    1. Is HTML/Infected.WebPage.Gen responsible for my hotmail account automatically sending out messages?
    2. Do I select "deny access" or "quarantine" whenever the guard pops up?
    3. Is the problem hiding somewhere on my computer or just a fluke that I'm hitting websites that have it?
    4. Why does my computer have an IE.5 directory when I'm running IE8?

    I’m sorry for being so long-winded but wanted to give you all the info since this “bug” is as aggravating as the car noise the mechanic never hears.

    Thank you so much for helping me.
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please double-click the RootRepeal.exe previously downloaded.

    * Select File then Scan
    * On the Select Drives form select drive C by "ticking" the box for drive C and click OK
    * When the scan is complete - highlight each of the following file(s) (one at a time if more than one is listed) by left clicking it. Then use right mouse click and select the Wipe File option only for each file.
    c:\documents and settings\terrie\local settings\temp\~df2a7c.tmp
    c:\documents and settings\terrie\local settings\temp\~df3660.tmp
    c:\documents and settings\terrie\local settings\temp\~df4169.tmp
    c:\documents and settings\terrie\local settings\temp\~df6d0b.tmp
    c:\documents and settings\terrie\local settings\temp\~df8b9f.tmp
    c:\documents and settings\terrie\local settings\temp\~dfa5e0.tmp
    c:\documents and settings\terrie\local settings\temp\~dfbee.tmp
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\1U0ZG8IH\search[1].txt
    c:\documents and settings\terrie\local settings\temporary internet files\content.ie5\9ea5jn17\search[2].htm
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\FW2Q7W3O\search[2]
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\JEXX21QN\IS[2]
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\OH27Z7KZ\awt_analytics[1].js
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\PJCAY5ZU\comment[1].js
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\PJCAY5ZU\leo2t[1].png
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\UGVOIBD3\MicrosoftAjax[2].js
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\UGVOIBD3\WebResource[1].css
    C:\Documents and Settings\Terrie\Local Settings\Temporary Internet Files\Content.IE5\UGVOIBD3\WebResource[2].css
    * After Wiping all files, immediately reboot your pc!

    I know you are using Hotmail, but the below guide is still appropriate:
    Malware detected in email databases has to be cleaned up by you. You have a few choices:

    1. delete the whole file, which is not an option you normally want to use
    2. load the email folder that contains the infection and delete ALL unnecessary emails (hoping to remove the problem email) and then use the Mailbox Cleanup option to delete all old emails. Then compact the Outlook database to permanently remove data. See http://support.microsoft.com/kb/196990 If you do not clean up and compact the databases, the deleted emails may still be leaving hidden information in the database that you just cannot see but a scanner may still pick up on it.
    3. create a new folder and move only emails you really need into the new folder and then delete the infected folder.

    Make sure you clean out your temp internet files!!

    Tell me what issues you still have.
     
  3. Wuf4Wds

    Wuf4Wds Private E-2

    Hi Tim,

    I followed your instructions and everything appeared to be fine...until today. It has started again. This is the reason I had not responded before now--I was afraid the issue would pop up again as there appears to be some sort of pattern.

    As for the pattern, I'm not sure if it is a particular date or a particular time span; I just know that it restarts sending emails about a month after it stops sending the emails.

    The only possible conflict with me following your instructions could be the change in language on Windows Live and Outlook. There is a mailbox cleanup option but no compact option--at least not that I can find. That being said, if there is an actual compact option and it is not within the cleanup option, then I accidentally did not follow your instructions. I did check out the site for which you provided the link, and as far as I could tell, I followed instructions.

    Any help you can provide will be GREATLY appreciated! I'm beginning to lose friends as they are scared they will catch something from these emails.

    Thanks! I'm anxiously waiting to hear from you.

    Wuf4Wds
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Since it has been a month since you last posted, we need to have you re-download the scanning tools and attach the new logs. I will want to see:
    SAS
    MBAM
    RootRepeal
    ComboFix
    C:\MGLogs.zip

    Is this again concerning your Hotmail account? If so, have you removed any emails that contain attachments that you may have clicked on? Have you removed any emails with links? What have you done to stop this from occurring?
     
